Aggregator

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

Security Affairs
4 months 2 weeks ago
SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critical flaw, tracked as CVE-2025-26399 (CVSS score: 9.8), affecting its Web Help Desk software. An attacker could exploit the flaw to execute arbitrary commands on susceptible […]
Pierluigi Paganini

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Krebs on Security
4 months 2 weeks ago
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.
BrianKrebs

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Ransomware – Krebs on Security
4 months 2 weeks ago
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.
BrianKrebs

CVE-2025-10890 | Google Chrome up to 140.0.7339.185 V8 information disclosure

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability has been found in Google Chrome and classified as problematic. Affected by this vulnerability is an unknown functionality of the component V8. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2025-10890. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-39890 | Linux Kernel up to 6.6.93/6.12.33/6.15.2 wifi ath12k_service_ready_ext_event memory leak

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.93/6.12.33/6.15.2. Affected is the function ath12k_service_ready_ext_event of the component wifi. The manipulation results in memory leak. This vulnerability was named CVE-2025-39890. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2025-39889 | Linux Kernel up to 5.15.180/6.1.134/6.6.87/6.12.24/6.14.3 Bluetooth information disclosure

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.180/6.1.134/6.6.87/6.12.24/6.14.3. This impacts an unknown function of the component Bluetooth. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-39889. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-58241 | Linux Kernel up to 6.11.5 Bluetooth privilege escalation

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability classified as critical was found in Linux Kernel up to 6.11.5. This affects an unknown function of the component Bluetooth. Executing manipulation can lead to privilege escalation. This vulnerability is handled as CVE-2024-58241. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader

Cyber Security News
4 months 2 weeks ago

A sophisticated technique that allows attackers to execute malicious code directly in memory is gaining traction, posing a significant challenge to modern Endpoint Detection and Response (EDR) solutions. This method, which involves an in-memory Portable Executable (PE) loader, enables a threat actor to run an executable within an already trusted process, effectively bypassing security checks […]

The post Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader appeared first on Cyber Security News.

Guru Baran

OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months 2 weeks ago

A newly disclosed flaw in OnePlus OxygenOS lets any app on a device read SMS and MMS messages without asking the user. Tracked as CVE-2025-10184, the issue stems from a permission bypass in the Telephony content provider (com.android.providers.telephony). Normally, apps must hold the Android READ_SMS permission and prompt the user before accessing text messages. In […]

The post OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months 2 weeks ago

In January 2025, Supermicro released patches addressing critical vulnerabilities in its Baseboard Management Controller (BMC) firmware validation logic. Despite these updates, subsequent research has uncovered bypass techniques that undermine signature verification and even compromise the BMC’s Root of Trust (RoT). Among these, CVE-2024-10237 stemmed from a logical vulnerability in the validation process, allowing malicious firmware […]

The post Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Weaponized Malwarebytes, LastPass, Citibank, SentinelOne, and Others on GitHub Deliver Malware

Cyber Security News
4 months 2 weeks ago

In recent weeks, cybersecurity teams have observed a surge in malicious GitHub repositories masquerading as legitimate security and financial software. Threat actors have crafted convincing forks of projects bearing names like Malwarebytes, LastPass, Citibank, and SentinelOne, populated with trojanized installers and scripts that deliver stealthy malware payloads. These repositories exploit the trust developers place in […]

The post Weaponized Malwarebytes, LastPass, Citibank, SentinelOne, and Others on GitHub Deliver Malware appeared first on Cyber Security News.

Tushar Subhra Dutta

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

The Hackers News
4 months 2 weeks ago
Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share "significant" source code overlaps with IcedID and Latrodectus. "The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks," Zscaler ThreatLabz said in a Tuesday report. "YiBackdoor is able to execute
The Hacker News

Managed ad